Re: [Evolution] GPG support

Replying on-list as well, since this doesn't seem to be private mail.
Please reply to list or reply to all.

On Sun, 2006-02-19 at 12:24 +0100, Erik Slagter wrote:
On Fri, 2006-02-17 at 19:36 +0100, guenther wrote:

Anyway, to automate this process (importing of unknown keys), edit your
GPG options in ~/.gnupg/options or ~/.gnupg/gpg.conf and let GPG itself
care about this. :)  Just add these settings:

keyserver-options auto-key-retrieve

Works like a charm for me. :)  HTH

Works indeed, but keeps the sender "untrusted" (yellow button) :-(


All this does is fetching the keys, so GPG at least can decide, if the
signature is correct. (Remember, it is GPG rather than Evo fetching the

Simply having a key does not imply any trust. And it must not.
Developing a web of trust and trusting your correspondents is a
different, sensitive and crucial step. It is important, that a user does
this right and assures oneself of the identity, before signing. That's
why a button "sign this key" in a mailer is out of place, IMHO.

Again, all Evo displays is what GPG tells. Developing the web of trust
is GPGs duty. Verifying a key is GPGs duty. The only funky addition by
Evo is visibly highlighting different states by different colors.


char *t="\10pse\0r\0dtu\0  ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]